Lucene search
K

20 matches found

NVD
NVD
added 2026/06/13 3:16 a.m.16 views

CVE-2026-54230

A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the ONOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and...

7.8CVSS0.0014EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.23 views

PT-2026-48992

Name of the Vulnerable Software and Affected Versions Kitty versions 0.47.0 through 0.47.1 Description In the kitten dnd component, a malicious remote drag-and-drop source can overwrite or truncate arbitrary files that the local user has permission to write. This occurs because remote text/uri-li...

7.6CVSS6.1AI score0.00268EPSS
Exploits1References4
EUVD
EUVD
added 2026/06/10 5:3 a.m.12 views

EUVD-2026-35982

A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...

7.3CVSS5.6AI score0.00127EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/10 5:3 a.m.8 views

CVE-2026-11837

A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...

7.3CVSS5.6AI score0.00127EPSS
Exploits0
CVE
CVE
added 2026/06/10 5:3 a.m.38 views

CVE-2026-11837

CVE-2026-11837 describes a local privilege escalation in the ansible.posix authorized_key module. The keyfile() function uses os.chown() instead of os.lchown() and opens files without O_NOFOLLOW when handling SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their ~/...

7.3CVSS5.6AI score0.00127EPSS
Exploits0References3
CloudLinux
CloudLinux
added 2026/05/26 7:41 p.m.14 views

rsync: Fix of 2 CVEs

CVE-2026-43618: fix integer overflow in compressed-token decoding that could leak rsync process memory contents over the wire - CVE-2026-29518: fix TOCTOU race on parent path components in non-chroot daemon by routing receiver/sender opens, chmod, and chdir through per- component ONOFOLLOW secure...

8.1CVSS5.9AI score0.0078EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/13 3:48 a.m.9 views

SUSE CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References3
OSV
OSV
added 2026/05/11 6:31 p.m.6 views

GHSA-HR4R-FWPV-C95J pgAdmin 4 File Manager has symbolic-link path traversal

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References4
NVD
NVD
added 2026/05/11 4:17 p.m.20 views

CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS0.00359EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 2:35 p.m.32 views

CVE-2026-7819 pgAdmin 4: Symbolic-link path traversal in File Manager allows arbitrary file write

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS0.00359EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 2:35 p.m.7 views

CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References2
CVE
CVE
added 2026/05/11 2:35 p.m.26 views

CVE-2026-7819

CVE-2026-7819 describes a symbolic-link path traversal in pgAdmin 4 File Manager. The vulnerability arises because check_access_permission used os.path.abspath (resolving ..) but not symbolic links, allowing an authenticated user to plant a symlink within their storage directory that points elsew...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/05 9:6 p.m.9 views

CLSA-2026-1777944214 libcap: Fix of CVE-2026-4878

CVE-2026-4878: fix TOCTOU race in capsetfile by performing xattr writes via an ONOFOLLOW file descriptor instead of the user-supplied path...

7CVSS5.8AI score0.00188EPSS
Exploits1References1
OSV
OSV
added 2026/05/05 12:43 a.m.8 views

CLSA-2026-1777941808 libcap: Fix of CVE-2026-4878

CVE-2026-4878: fix TOCTOU race in capsetfile by performing xattr writes via an ONOFOLLOW file descriptor instead of the user-supplied path...

7CVSS5.8AI score0.00188EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/04 9:7 p.m.12 views

OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes

Summary OpenShell FS bridge reads pin and verify the opened file before returning bytes Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact A time-of-check/time-of-use race around OpenShell sandbox filesystem reads could let a...

8.3CVSS5.8AI score0.00208EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/22 6:31 p.m.4 views

GHSA-HPFW-MQM3-33JH uutils coreutils has a Link Following issue

A Time-of-Check to Time-of-Use TOCTOU vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the ONOFOLLOW flag. An attacker with...

4.7CVSS5.9AI score0.00105EPSS
Exploits1References3
NVD
NVD
added 2026/04/22 5:16 p.m.9 views

CVE-2026-35359

A Time-of-Check to Time-of-Use TOCTOU vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the ONOFOLLOW flag. An attacker with...

4.7CVSS0.00105EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/04/08 1:6 a.m.3 views

CVE-2026-32282

On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the ATSYMLINKNOFOLLOW flag, which Root.Chmod uses to...

6.4CVSS5.8AI score0.00292EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/01/24 8:38 a.m.152 views

CVE-2026-D0cker

CVE-2026-Pending: Container Escape via runC maskPaths Vunlerab...

5.8AI score
Exploits0
Patchstack
Patchstack
added 2017/12/29 12:0 a.m.8 views

WordPress No Follow All External Links plugin <=2.3.0 - Backdoored

Backdoor code found by WordFence in WordPress No Follow All External Links plugin versions =2.3.0. Solution This plugin was closed on 2017 December 19 and is no longer available for download on WordPress plugin repository. Deactivate and delete the plugin...

3.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder